package com.bianmaba.oauth.configuration;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.boot.autoconfigure.security.oauth2.client.OAuth2SsoDefaultConfiguration;
import org.springframework.context.ApplicationContext;
import org.springframework.context.annotation.Configuration;
import org.springframework.core.annotation.Order;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.web.authentication.LoginUrlAuthenticationEntryPoint;
import org.springframework.security.web.authentication.www.BasicAuthenticationFilter;
import org.springframework.web.filter.CompositeFilter;

/**
 * @program: spring-oauth2-demo
 * @description:
 * @author: Chenjiabin
 * @create: 2018/11/9 16:31
 **/
@Configuration
@Order(99)
public class CustomWebSecurityConfigurerAdapter extends OAuth2SsoDefaultConfiguration {
    public CustomWebSecurityConfigurerAdapter(ApplicationContext applicationContext) {
        super(applicationContext);
    }

    @Autowired
    private CompositeFilter filter;

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http.authorizeRequests().antMatchers("/login.html").permitAll();
        http.exceptionHandling().authenticationEntryPoint(new LoginUrlAuthenticationEntryPoint("/login.html"));
        http
                .addFilterBefore(filter, BasicAuthenticationFilter.class).csrf().disable();
        super.configure(http);
    }
}
